Paul Nicholas leads Microsoft’s Global Security Strategy and Diplomacy Team, which focuses on driving strategic change, both within Microsoft and externally, to advance infrastructure security and resiliency. His team addresses global challenges related to risk management, incident response, emergency communications, and information sharing.
Paul recently served as subject matter expert for the EastWest Institute’s 2011 publications, including the first U.S.-Russia taxonomy for cyber collaboration and a review of the applicability of The Hague and Geneva Conventions on cyberspace. In 2007, he helped to establish the Software Assurance Forum for Excellence in Code (SAFECode), a multi-company effort to advance industry best practices for software security and integrity.
Prior to joining Microsoft, Paul spent over eight years in the U.S. government, focusing on emerging threats to economic and national security. From 2002-2004, he served as White House Director of Cybersecurity and Critical Infrastructure Protection. In that role, he coordinated the National Strategy to Secure Cyberspace and Homeland Security Presidential Decision Directive 7. Paul also served in the legislative branch, working as a senior policy advisor for U.S. Senator Robert F. Bennett and as a staff member of the Judiciary Subcommittee on Technology, Terrorism and Government Information. He has also served as an Assistant Director at the U.S. Government Accountability Office, and as an analyst for the U.S. Department of Defense.
Paul earned a B.A. from Indiana University, an M.A. from Georgetown University, and is a Certified Information Systems Security Professional.